Down But Not Out – States Point the Way to How the FTC Might Recover from the 11th Circuit’s LabMD Decision

In a classic story of “it’s never over until it’s over,” cybersecurity David LabMD challenged the FTC’s Goliathan ability to issue sweeping orders in relation to security concerns under Section 5(a) of the Federal Trade Commission Act.  LabMD had lost its challenge of the FTC’s underlying authority to issue such orders, but continued in its fight, ultimately challenging the wording of the FTC’s form order itself.  And LabMD ultimately won in a landmark decision that can be found here.

States have been following a parallel enforcement track to the FTC, issuing their own orders under their Unfair and Deceptive Acts and Practices (“UDAP”) acts, otherwise known as “little FTC” acts.  The states, however, may have already created a way for the FTC to have its cake and eat it too in light of the 11th Circuit’s decision:  be more specific in its enforcement orders, and perhaps limit their temporal scope.  HSE Privacy and Data Security chair, F. Paul Greene, and team member Daniel J. Altieri, discuss these developments in detail in the New York Law Journal article linked below.

view 11th Circuit Decision in LabMD Case Could Have Repercussions Beyond the FTC PDF

Attorney Advertising. Prior results do not guarantee a similar outcome. This publication is provided as a service to clients and friends of Harter Secrest & Emery LLP. It is intended for general information purposes only and should not be considered as legal advice. The contents are neither an exhaustive discussion nor do they purport to cover all developments in the area. The reader should consult with legal counsel to determine how applicable laws relate to specific situations. ©2022 Harter Secrest & Emery LLP